I have built a firewall for a 50 node network using ipchains.  The firewall box
Masquerades out the internal network,  numerous services function
wonderfully and nothing unwanted gets in.  The only problem is that NO mail can
be SENT internally or externally.  Receive mail uses pop-3 and is spiffy. 
Sending mail uses imap4 and the same mail server as pop-3.  There is
only one simple internal network.

I had no imap experience whatsoever until I basically read a bazillion web
pages, book excerpts, examples, and old e-mails to solve this problem, and tried
many examples.  I have modeled after examples in various styles, and most of
them more or less make total sense to me when reading.  Yet when I write the
ipchains and restart the firewall, the ability to send mail disappears.

**SO, here is my question:

**I use default rejects.  I allow MASQing and all other rules work wonderfully. 
**What rules do I need to write to simply get imap4 packets from an internal
**network to both internal and external locations?

I would post all the variations I tried, but to be honest, there are so many
that I don't think it'd help much.  Here is one example I used at one point that
may help give you an idea of what things look like, even though it may possibly
be worse off than other attempts:

ipchains -A input -i $IN_IF -p tcp -s $IN_NET -d $POP 143 -j ACCEPT
ipchains -A output -i $EX_IF -p tcp -s $EX_IP -d $POP 143 -j ACCEPT

#the next two I don't see why I'd need, but it doesn't work without them either
#so whatever.

ipchains -A input -i $EX_IF -p tcp -s $POP 143 -d $EX_IP -j ACCEPT ! -y
ipchains -A output -i $IN_IF -p tcp -s $POP 143 -d $IN_NET -j ACCEPT

#   $POP is the mailserver for both pop3 and imap.  The other variables should
#   make sense.

If I put in only one MASQ everything anywhere rule, mail out DOES work, which
to me suggests it is really my chains.  They did use to use MS Exchange server
on NT, but I can't see what that has to do with it as the Linux firewall is set
as everything's gateway and ipchains points to the right mail server.

I'm exhausted and I've researched my head out for now.  Does anyone have a VERY
basic example?   I can spruce things up later but need to get it working first.
If anyone has even the tiniest clue...

Many thanks,
-Martha Jo




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
